struts-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Lukasz Lenart (JIRA)" <j...@apache.org>
Subject [jira] [Comment Edited] (WW-4641) CVE-2016-0785
Date Thu, 23 Jun 2016 06:01:16 GMT

    [ https://issues.apache.org/jira/browse/WW-4641?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15344636#comment-15344636
] 

Lukasz Lenart edited comment on WW-4641 at 6/23/16 6:01 AM:
------------------------------------------------------------

https://struts.apache.org/docs/iterator.html

The id attribute is deprecated in Struts 2.1.x, and has been replaced by the var attribute.

{code:xml}
<s:iterator value="beanList" id="bean">
      <s:textfield name="beanList(%{bean.id}).name" />
</s:iterator>
{code}
use:
{code:xml}
<s:iterator value="beanList" var="bean">
      <s:textfield name="beanList(%{bean.id}).name" />
</s:iterator>
{code}


was (Author: gregh99):
https://struts.apache.org/docs/iterator.html

The id attribute is deprecated in Struts 2.1.x, and has been replaced by the var attribute.

<s:iterator value="beanList" id="bean">
      <s:textfield name="beanList(%{bean.id}).name" />
</s:iterator>

use:

<s:iterator value="beanList" var="bean">
      <s:textfield name="beanList(%{bean.id}).name" />
</s:iterator>

> CVE-2016-0785
> -------------
>
>                 Key: WW-4641
>                 URL: https://issues.apache.org/jira/browse/WW-4641
>             Project: Struts 2
>          Issue Type: New Feature
>          Components: Expression Language
>    Affects Versions: 2.3.20
>         Environment:  apache tomcat 6.0.27
>            Reporter: Samba
>            Assignee: Lukasz Lenart
>              Labels: features
>             Fix For: 2.3.30
>
>   Original Estimate: 168h
>  Remaining Estimate: 168h
>
> Hi Team,
> http://struts.apache.org/docs/s2-029.html
> please suggest the replacement code for %{..} for the latest version of the struts 2.3.28
> Thanks
> Sambasiva Rao



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message